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English Abstract 

Referrals are obtained from people, and at least some of the people are 
linked based on the referrals to create a trusted network. Linking 
includes storing relationships between at least some of the people that 
define at least a portion of the trusted network. Information is 
exchanged with one or more of the people via the trusted network. 
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ces recommandations afin de creer un reseau de confiance. Cette raise en 
relation consiste a memoriser des rapports entre au moins quelques unes 
de ces personnes definissant une partie du reseau de confiance. Des 
informations sont echangees entre une ou plusieurs de ces personnes par 
1 1 intermediaire du reseau de confiance. 
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Detailed Description 

EXCHANGING INFORMATION OVER 
A TRUSTED NETWORK OF PEOPLE 
Background of the Invention 

This invention relates generally to creating links 

between people based on trust, and to exchanging information 

based on those links. 

Important decisions are often made based on referrals 

f rom others. For example, one might rely on a ref erral when 

10 selecting a doctor, a movie, a job, or a potential employee. 

Typically, referrals are solicited from those whose judgment 
is trusted, particularly for impor Cant matters, such as 
employment, medical care, investments, and the like. 

Heretofore, referrals were obtained directly from the 
15 source or through "word of mouth". 

Summary of the Invention 

In general, in one aspect, the invention features 
obtaining trusted referrals from people, linking at least 
20 some of the people based on the trusted referrals to create 
a trusted network on a computer, and using information on 
the trusted network. Through the computerized trusted 
network, a user is given ready access to the trusted 
referrals and other information regardless of the 
availability of those issuing the referrals and/or providing 
the other information. 

This aspect of the invention may include one or-more of 
the following. The referrals are obtained in response to 
requests. Linking includes storing relationships between at 
least some of the people that define at least a portion of 
the trusted network. Each person on the trusted network is 
a node of the trusted network. Information is stored in 
association with nodes of the trusted network. The 
information relates to a person corresponding to a node of 
the trusted network and may be an assessment relating to the 
competency of the person corresponding to the node. 

Using the information includes sending an electronic 
mail (e-mail) message to one or more of the people on the 
trusted network. The e-mail message is delivered to the one 
or more people based on settings for the one or more people 
and based on links in the trusted network. The settings 
include listening . preferences that define which e-mail 
messages a person on the trusted network wants to receive. 

The trusted referrals may relate to products and/or 
services for sale. The e-mail message includes advertising 
for such products or services that is targeted to the one or 
more people. The information used on the trusted network is 
a referral relating to a person, place or thing, such as 
customer referrals for goods and/or services. Using the 
information encompasses a buyer and a seller on the trusted 
network exchanging information relating to products and/or 
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" services for sale over the trusted network. 

Data is obtained about a person on the trusted network 
of people. Using the information 1 includes matching the 
person to a position based on the data about the person. 

The data includes background information for the person and 
a desired position. The background information includes a 
10 personal profile that includes one or more of educational 
history, employment history, and skills of the person. 

The trusted referrals include trust in judgment and/or 
trust in professional competency/skills. At least one of 
the trusted referrals includes information relating to a 
15 degree of trust. The degree of trust includes an assessment 
of the professional competency of a person who is the 
subject of the at least' one trusted referral. Using the 
information includes obtaining information relating to one 
or more of the people via the trusted network based on the 
20 degree of trust. A rating of trust for a person on the 
trusted network is obtained based pn the degree of trust. 

Obtaining the information includes obtaining the information 
relating to the person only if the rating of trust for the 
person is greater than a predetermined rating. The rating 
is obtained based on information about the person that has 
been provided by people on the trusted network and possibly 
other people that are not on the trusted network. 

In another aspect, the invention features obtaining a 
referral via a computer-generated network of people who are 
linked to one another based on trust, and using the referral 
in a selection process. 

This aspect of the invention may include one or more of 
the following. The selection process includes screening 
based on the referral. Screening includes screening 
potential candidates for a position, screening potential 
products for purchase/use, screening potential positions, 
sdreening potential investments, and/or screening potential 
services for purchase. 

In another aspect, the invention features receiving 
information regarding types of messages that can be received 
via a trusted network of people, receiving a message via the 
trusted network of people, screening the message based on 
the information, and- 1 delivering the message if the message 
comports with the information. 

This aspect may include one or more of the following. 

The information regarding types of messages that can be 
received includes listening preferences which are provided 
via a computer-generated graphical user interface. The 
types of messages are defined based on one or more of the 
following: a specific level on the trusted network, 
specific people on the trusted network, specific streams on 
the trusted network, and/or a subject matter of the message. 

Other features and advantages will become apparent from 
the following description, drawings, and claims. 

Brief Description of the Drawings 

Figs.lto 3 depict information flow in a trusted 

10 network of people. 



Fig. 4 is a conceptual representation a trusted network 
of people. 

Fig. 5 is a block diagram of computer network hardware 
on which an embodiment of the invention is implemented. 

Fig. 6 is a flowchart showing a process for exchanging 
information over a trusted network of people. 
Fig. 7 shows an alternative conceptual representation 
of the trusted network of people. 

Fig. 8 is a flowchart showing a process for restricting 
receipt of information from the trusted network of people. 

Fig. 9 is a flowchart showing, a process for obtaining a 
referral using the trusted network of people. 

Figs. 10 to 52 show Web pages which depict an 
embodiment of the invention relating to employment. 

Description 

I . General Concept 

Generally speaking, the invention is a computer program 
(or "system") that acts as a brokerage tool for bringing 
together parties, who are linked based on trust, and who 
want to fulfill a need through the exchange of goods and 
services. The system acts as both a referral "bank" and a 
referral "agent". In its role as a referral bank, the 
system holds and manages referrals, meaning information that 
users of the system would give if asked about a particular 
subject (e.g., person, place, thing, etc.) In its role as 
a referral agent, the system circulates such information 
within an established network of people who are linked to 
one another based on trust, and distributes that information 
to those in the network of people who have the desire and 
the right to receive it., 

Networks of people are established by system users 
themselves, through a process of issuing referrals to, and 
requesting ref erral . s- 1 f rom, those whom the users trust. For 
20 example, if A trusts B, and B trusts C, a trusted network 
may be established in the system which links A, B and C and, 
thus, currently-existing trusted networks of Al B and C. 

Through this trusted network, information is disseminated 
and accessed. Since the network is based on trusted 
referrals, the information obtained through that network 
will be trusted by those on the network who receive it. 

To become part of the system, a user registers via a 
device connected to a computer network, such as the 
Internet, and enters relevant information. The user sends 
requests for referrals to obtain access to another person 1 s 
network of people (an inbound connection) and issues 
referrals to others to allow those others to obtain access 
to the user's network of people (an outbound connection). 

The former is referred to as an inbound connection because 
it allows information to flow inward through the trusted 
network, meaning from others on the trusted network to the 
user. The latter is referred to as an outbound connection 
because it allows information to flow outward through the 
trusted network, meaning from the user to others on the 
trusted network. In this regard, information does not 
actually "flow" through the system. Rather, stored 



'"information is accessed from a database and routed, e.g., 
via electronic mailAbased on stored connections between 
users in the trusted network. 

The referrals can include information indicating a 
levelofDtrustDin a person's judgment (called "trusted 
judgment" or "connection") and alevelofDtrustdof the 
person with respect to a particular skill, professional 
competency, or the like (called "trusted content") . More 
specifically, trusted judgment applies to those people that 
the user trusts for their judgment on specific matters. For 
example, A may trust B's judgment in hiring technical people 
or in selecting doctors. Trusted content applies to those 
people that the user values for their particular skills. 

For example, A may value B's skills as a software engineer 
or as a general practitioner. Thus, there are two different 
questions to answer when issuing a referral: (i) given each 
person the user indicated as trusted, does the user believe 
that this person also has specific skills/competencies that 
the user values; and (ii) given a person that the user 
values for specific skills or competencies, does the user 
trust this person's judgment as well and, if the user trusts 
this person's judgment, in what respects and in what areas. 

For a trusted link-to be established between persons A 
and B, it sufficient that either A or B refer the other to 
the system as a trusted person. A trusted link can also be 
established between-A and B if either of them indicates to 
the system that they trust the other's professional 
competency/skills. In this case,, absent an indication of 
trusted judgment, a link is established between A and B 
only. A link based solely on professional competency/skills 
does not give A access to B's trusted network or vice versa. 

Atrusted link between A and B will be formed if the 
system knows either that A trusts B's judgment or that B 
trusts A's judgment. Only one of these two conditions is 
needed for A and B to be connected in a trusted network. 

Although only one "trusted judgment" input is needed to 
establish a trusted link between two people, the person who 
entered the input will determine the direction of 
information flow through the network. By way of example, 
assume that A trusts B's judgment, but B does not trust A's 
judgment (the system does not collect and/or store llnon 
trust" information; therefore, if B does not trust A, B 
simply will not refer A to the system) . In this case, 
information will flow through/from A to B, as shown in Fig. 

1 . This means that when the system is performing a query, 
it will look for referrals tied to trusted networks for A 
and B. Referring to Fig. 21 if B trusts A, but A does not 
trust B, information will flow through B's network into A's 
network, as shown by the arrow in the figure. If A trusts B 
and B trusts A, information will flow in both directions 
from A's network into B's network and from B's network into 
A's network. This contingency is, shown in Fig. 3. 

A. Referral Bank 

Access to information in the system depends upon the 
trusted content and the trusted judgments stored in the 
system. By way of example, assume that A trusts B's 
5 judgment in investing and A would recommend B as a stock 
broker if somebody in A's trusted network needs a stock 



'broker. Therefore, if somebody is looking for investment 
advice and is, querying through A, the system will look in 
B's network (meaning, that the system will look at the 

10 referrals coming from B - the people B knows and would 
recommend if he were asked) The system looks in B Is 
network because A has indicated that A trusts B's judgment 
in investing and because the original query has to do with 
investing. If someone were looking for a stock broker 
15 through A f s network, -the system would identify B, since A 
In another example, assume that A values B as a stock 
broker, but A does not trust B f s judgment in recommending 

commodities brokers. Therefore, if somebody in A f s trusted 

20 network needs a stock broker, A will recommend B through the 
system. A does not actually do any "recommending"; this is 
done automatically by the system, without user intervention, 
since B is stored in the system as a referral of A. 

However, if somebody in A's network is looking for a 
commodities broker and is querying through A, the referrals 
coming from and through B will be ignored by the system. 

This is because A has not indicated to the system that A 
trusts B's judgment in recommending commodities brokers. 

In still another example, assume that A values B as a 
stock broker; A has not indicated that he trusts B's 
judgment with respect to doctors; but A does trust B's 
judgment in recommending commodities brokers. Therefore, 
W if somebody in A's trusted network needs a stock broker, 
10 A will recommend B through the system (as noted previously, 
this is done automatically by the system, without user 
intervention, since B is stored as a referral of A); (ii) if 
somebody in A' s trusted network is looking for a doctor and 
is querying through A, the referrals coming from and through 
15 B will be ignored by the system, since A does not trust B's 
judgment with respect to 'doctors; and (iii) if somebody in 
A's trusted network is looking for a commodities broker and 
is querying through A, the system will look in B 1 s network 
(meaning that the system will look at referrals coming from 
20 and through B - the people B knows and would provide 
referrals for if asked), since A dpes trust B's judgment in 
recommending commodities brokers. 

Thus, in this capacity, the system acts as a broker 
between one person who wants to buy goods and/or services 
and another person who wants to sell goods and/or services. 

For example, a patient wishing to "buy" the services of a 
doctor may use the system, in particular the trusted links, 
to obtain a referral for a doctor. The patient thus uses 
the system to obtain a referral for a doctor in the system 
who is "selling" his services. 

The system may also be used to obtain referrals based 
on the actions of those in the system whom the user trusts. 
For example, if person A is searching for a compact disc 
(CD) , A may query through the trusted stream of another 
person B, whose taste in music the user trusts. In this 
context, "trusted stream" refers to the set of people 
connected by trusted links going out to the N th (N>1 ) level 
of a trusted network, and corresponds to branches of a 
trusted network starting at a particular node (person) . 

In response to the-query, recommendations for CDs may 
be obtained from B or those in B's trusted stream. In 
addition, the system may store, at each node of the trusted 



network, information, indicating, for example, which CDs B 
and those in B's trusted stream have purchased recently. 

Instead of, or in addition to, returning the recommendations 
of B and/or those in B's stream, the system may provide A 
with information indicating which CDs have been purchased by 
B and those in B's stream. 

B. Referral Bank 

In addition to providing access to referrals, 
information can be exchanged over a trusted network in 
several ways. For example, information can be transmitted 
5 by streamcasting, which means to transmit the information 
through one or more streams. Other activities relating to 
exchanging information over a trusted network include 
streamresearching, which includes looking for referrals (or 
other information, depending upon the specific application) 
10 independently of previously-set listening preferences and 
previous queries; streamsearching (or querying) , which 
allows users to search through specified streams for 
information; and backstreaming, which means to validate 
through people the user trusts the information and referrals 
15 that the user received through people that trust the user. 

These functions allow users to disseminate and access 
information through trusted networks. 

Users in a trusted network can set "listening 
preferences" to spec-ify which information flowing through 
20 the network that they want to receive and, consequently, 
which information that they want to ignore. More 
specifically, the listening preferences allow a user to 
select which information to listen for, to specify those 
people in the user's immediate trusted network that the user 
wants to hear from, and to choose from which level in a 
trusted network to receive information - from a first level 
to an entire trusted stream. In this context, a "level" of 
a trusted network refers to the number of people (i.e., 
5 network nodes) removed from the user in the network. For 
example, those directly connected to the user are said to be 
in the first level of the trusted network relative to the 
user. As noted above a, "trusted stream" refers to a branch 
of a trusted network starting at a particular node (person) 
In the context of the present system, information 
transmissions through trusted networks do not require any 
action from users (network nodes) . Users of the system 
"transmit" by virtue of being nodes in the system. As such, 
they are passive as to what is being transmitted; they do 
15 not initiate the activity of transmitting. By contrast, 
streamcasting is initiated by users. Individuals have the 
ability to streamcast as users of the system. Individuals 
streamcast when a message is initiated and sent by them to 
others on the system-. Users can decide what levels of a 
20 trusted network to which the message should be sent. For 
those directly linked to the user, the user can also specify 
which of them will receive the message. 

By way of example, Fig. 4 shows a trusted network 
containing persons A, B and C. Assume that A both trusts B 
and values B as a stock broker. If C is looking for a stock 
broker, a query is transmitted through A and B without A and 
B even knowing it. If C is streamcasting a press release 
through A (e.g., to those on A's trusted network), the press 
release gets transmitted to users linked to A or in A's 
stream and is delivered to those users 3 that have set the 



appropriate listening preferences. Person A will receive 
the message if his listening preferences comply with the 
message features (content/level sending or person sending) 
without any action on A's part. 

Streamcasting can also be used to target advertising to 
users on the system who have their listening preferences set 
to receive such information. Advertising may be transmitted 
through a trusted stream based on the trusted links in that 
stream. For example, if A trusts B ! s judgment in purchasing 
automobiles, B may streamcast automobile advertisements 
through A 1 s stream (provided the appropriate links have been 
established) Anyone in A's stream who has their listening 
preferences set to receive such information will receive the 
advertising. Because of the trusted nature of the links 
that define A's stream, those people on A ! s stream who 
receive the advertising (including A) will give the 
advertising more credence than "regular" advertising. 

Thus, to summarize, individuals become users of the 
system by (i) registering, (ii) entering information about 
themselves, (iii) entering their trusted network and 
creating connections to the trusted network, and (iv) 
setting their listening preferences. To create connections 
to a trusted network, the user: -(i) specifies those people 
to whom the user has a direct connection; (ii) sets inbound 
connections by sending requests for referrals asking people 
to refer the user into their networks by entering 
10 trust/skill evaluation information in the system, and (iii) 
sets outbound connections by referring people in the user's 
network to the system by entering trust/skill evaluation 
information into the system. In specifying listening 
preferences, the user is given three sets of variables from 
15 which to select. These include: (i) for what information 
the individual is listening, (ii) from which level of the 
network the individual is listening for information, and 
(iii) from whom in the network the individual wants to 
receive information, . Once the appropriate access and 
20 settings have been set, information can be exchanged over 
the trusted network. 

II. Hardware And Software 

Referring to Fig. 5, a network system 10 is shown for 
implementing an embodiment of the invention. Network 
system, 10 includes a server 11, which communicates with 
5 computer 12 over computer network 15. Computer network 15 
may be any private or public network, such as a local area 
network (LAN) , a wide area network (WAN) , or the Internet. 

Computer 12 is a personal computer (PC) or any other 
type of processing device, such as a laptop computer, a 
hand-held computer, or a mainframe computer. Computer 12 
includes input devices (not shown) , such as a keyboard and a 
mouse, for inputting information and accessing data, and a 
display screen for viewing such data and other images. 
Server 11 is a computer, such as a PC or a mainframe 
computer, which executes a computer program to generate and 
traverse a trusted network of people (it is noted that a 
"trusted network" in the context of the present invention is 
an entirely different construct from network system 10 shown 
in Fig. land that the two are unrelated except insofar as a 
trusted network is established and accessed via network 
system 10) . View 16 shows the architecture of server 11. 



The comoonents of server 11 include a processor 17, such as 



* a microprocessor or microcontroller, and a memory 19. 

Memory 19 is a computer hard disk or other memory storage 
device for storing a database 20 and computer vroqrams 21. 

Among the computer programs 21 stored in memory 19 are an 
' 1nternet Protocol (IP) stack 22, for communicating over 
computer network 15, and engine 24. Engine 24 includes 
5 computer instructions that are executed by processor 17 to 
generate graphical user interfaces (GUIs), such as the web 
pages described below, and to generate and traverse a 
trusted network of people. 

Fig. 6 shows a process 25 for establishing a trusted 
10 network of people and for using that trusted network to 
exchange information among the people on the network. In 
this embodiment, process 25 is performed by engine 24 based 
on user inputs provided through-computers, such as computer 
12. The invention, however, is not limited to use in this 
15 environment. 

Process 25 begins by-obtaining (or "harvesting") (601) 
referrals from "reviewers" , meaning those issuing the 
referrals, and storing those referrals in database 20. What 
is meant by "referral41 here is the trusted content and/or 
20 trusted judgment noted above. For example, a reviewer might 
believe that a subject (of the referral) provides reliable 
referrals on all topics. Alternatively, the reviewer might 
believe that the subject provides reliable referrals 
relating only to some topics, such as employment and movies, 
but not-to other topics, such as doctors. Referrals may be 
obtained by issuing (601a) reques ts to reviewers and 
receiving (601b) the referrals in response to the requests. 

Requests and responses are typically issued via electronic 
mail (e-mail) over network 15; however, other electronic or 
non-electronic transmission media may be used. Requests are 
issued (601a) at the behest of the subject of the referral. 

For example, the subject may request a referral from a 

reviewer by filling out a request form and transmitting that 
request to the reviewer via e-mail. 

Process 25 links (602) people based on the referrals 
obtained in 201 to create a trusted network. There may be 
more than one link between two people on a trusted network 
if referrals exist between the two people that relate to 
different topics. Fig. 7 shows a representation of a 
trusted network 26. The — representation shown is not 
actually stored; rather the relationships (i.e., the links) 
between nodes (people) on the network are stored. In 
particular, information is stored defining links between 
20 nodes on the trusted network. Process 25 links the people 
by traversing database 20 and defining associations between 
the nodes based on the referrals. 

As noted above, a trusted network may contain several 
levels, defined here as a private trusted network, an 
extended trusted network, and a global network. Taking 
person/node 27 as an example, private trusted network 28 for 
person 27 includes all those on network 26 to whom person 27 
has a direct link (inbound and/or outbound), namely persons 
29 to 32. The links in private trusted network 28 include 
those people about whom person 27' has provided a referral or 
have provided a referral for person 27. Thus, the links 
include those who person 27 trusts, either for their 



1 ■' judgment or professional competency/skills. 

Since person 27 has provided the system with referrals 
for persons 29 and 32, person 27 can transmit ("streamcast") 
queries and information to and through persons 29 and 32, 
but person 27 will not automatically receive information or 
queries through persons 29 and 32. Person 27 will receive 
15 information from, and through, persons 29 and 32 only if 
persons 29 and 32 trust person 27, have issued a referral to 
person 27, and links have been created and stored in the 
system which indi cate that trust. 

The extended trusted network 34 for person 27 includes 
20 all those in person 27* s private trusted network 28 and all 
those who are linked to people in person 27 ' s private 
trusted network 28. For example, person 35 is in extended 
trusted network 34, as are persons 36 to 45. Persons 36 to 
45 are in person 27 's extended trusted network because they 
are links in various unbroken chains leading to person 27 . 

As noted, these links are established through the exchange 
of referrals by those on network 26. 

Trusted streams are defined based on a single person's 

5 link to person 27. For example, person 32 constitutes the 

entry point to stream 33 relative to person 27. 

A global network includes all people who are registered 
with server 11, together with data associated with each of 
those people. Thus, the global network includes all those 
on network 26 who are registered with the system. 

Each person on network 2 6 may specify people on network 
2 6 from whom messages can be received. This is done by 
specifying listening preferences (described above) . By 
specifying listening preferences, a person can specify that 
messages are to be received from only people on the person's 
private trusted network, -from a specific stream, or that 
only messages having specific content are to be received. 

Process 25 receives (603) such data specifying 
listening preferences from people on network 26, e.g., 
during a registration process, and stores the data at the 
appropriate node of network 26. In 603, process 25 may also 
receive other data, such as a personal profile of the user 
including educational history, skills, and employment 
history, and other information specific to the user. Uses 
for such information are described below. 

The data of 603 may be used when process 25 exchanges 
(604) information via network 26. For example, a person 27 
on network 26 may transmit a message to all those on his 
private trusted network 28. The message is then routed 
(e.g., by e-mail) to all those on private trusted network 
28. Whether the message will be delivered to a person on 
private trusted network 28 is determined by that person's 
listening preferences. If a person's listening preferences 
indicate that he will not accept a particular message, that 
message is not delivered to that person. Actual 
ttansmission and delivery of the messages "through" network 
26 is performed by the system, which retrieves the e-mail 
addresses of all those linked directly (for private trusted 
network transmission) and/or indirectly (for extended 
trusted network transmission) to person 27 and forwards the 
message to those e-mail addresses. 
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Fig. 8 shows a. rocess 47 that is used by person 27 on 
network 26 to restrict receipt of messages from other people 
on network 26. Process 47 may be implemented in engine 24 
in connection with appropriate software on computer 12. ' 

Process 47 begins with person 27 providing (801) 
information identifying which types of messages that person 
wants to receive. This is typically done by selecting 
listening preferences on a GUI, such as a Web page output by 
server 11. Process 47 receives (802) a message directed to 
person 27 over network 26. Process 47 screens (803) the 
5 message to determine if the message is of the type that 
person 27 wants to receive. For example, person 27 may want 
to receive messages relating to particular topics, such as 
employment opportunities. In this case, process 47 screens 
(803) the message to determine if it relates to such a 
10 topic. Alternatively, person 27 may want to receive 
messages based where those messages were transmitted from in 
network 26. For example, person 27 may want to receive 
messages from those people on his private trusted network 
28, but not from other people. In this case, process 47 
15 screens (803) the message to determine if it came from 
someone on person 27 's private trusted network 28. If the 
message comports with the type of message that person 27 
wants to receive (804), process 47 delivers (805) the 
message to person 27.1s computer. Otherwise, process 47 
ignores (806) the message, meaning that it does not deliver 
the message to person 27. 

Trusted network 26 may be used to distribute 
information to its members/nodes. Such information may 
include, for example, targeted advertising, information 
relating to employment opportunities, investment advice, 
news clips, or any other type of announcement. Whether this 
information is actually delivered to those on network 2 6 
depends on the listening preferences set by those members. 

To distribute information, a member of network 26 need 
merely specify people and/or subnetworks to receive the 
information. For example, information may be streamcast to 
a particular stream of private trusted network 28. 

Fig. 9 shows a process 50 for obtaining referrals using 
network 26. Process 50 may be implemented, at least in 
part, in engine 24. As noted, a referral may relate to any 
subject matter. For example, it may relate to a candidate 
f6r a position, a doctor, a movie, investment advice, or 
anything else about which a person wants a referral and for 
which information is available via network 26. 

A referral is obtained (901) by querying database 20. 

Referrals are obtained by retrieving stored referrals from 
people on a private trusted network or an extended trusted 
network. For example, each person on extended trusted 
network 34 may store a referral for a doctor. Since 
extended trusted network 34 is based on trust between people 
on the network, if person 27 is searching for a doctor, 
person 27 can retrieve referrals for doctors via the system. 

For example, assume that person 27 trusts person 29 's 
judgment with respect to referring doctors and that person 
29 has a referral to person 43, who is a doctor. In 901, 
the system goes from person 27, through person 29, to obtain 



a referral for person 43. The system then provides person 

5 29 with an indication that person 43 is a "referred" doctor. 

Of course, referrals obtained in 901 can be more complicated 
than this, and include, but are not limited to, all of the 
examples set forth in the "General Concept" section above. 

The referral obtained in 901 may be used as part of a 
10 broader selection process (902) . The selection process may 
include screening a person based on the referral. For 
example, if the referral is for a candidate for a position, 
the selection process will include screening the candidate; 
if the referral is for a position at a company, the 
15 selection process will include screening the position; if 
the referral relates to investments, the selection process 
will include screening the investments; if the referral 
relates to potential products or services for purchase/use, 
the selection proceas, will include screening the potential 
20 products or service providers; and so on. The screening 
process may take into account various factors and is 
performed "off-line" based on referrals and/or information 
obtained via process 50. 

III. "Employment" Embodiment 

The following describes an embodiment of the invention 
for use in an employment context. Initially, the user 
registers with the system via a registration page 50 (Fig. 

5 10). Registration-page 50 includes entries for the user's 
first name 51, last name 52, e-ma:il address 53, user 
supplied password 54, password confirmation 55, and a 
challenge question 56 and response 57. Clicking on register 
button 59 registers the user with they system. Upon 
10 registration, the user receives a system-generated private 
identifier (ID) , which identifies the user to the system. 

The user enters the system through login page 60 (Fig. 11) 
by entering the private ID 61 and password 62. 

From there, the system displays menus 64 (Fig. 12) for 
selecting various options. These options correspond to 
functions available via -engine 24. A description of the 
menus and options is as follows. 

Profile menu 65 displays options 67 to 69. Option 65 

("My Contact Information") displays Web page 70 (Fig. 13) . 

20 A user provides contact information to server 11 via Web 
page 70. This contact information includes the user's 
address 71, e-mail address 72, primary phone number 73, 
secondary phone number 74, and facsimile number 75. An 
option 76 is also provided for allowing server 11 to share 
one or more elements of the user's contact information with 
others on the user's private inbound network. The user's 
contact information is transmitted from computer 12 to 
server 11. The information is stored in association with 
the user's private ID in database 20. Update button 77 
updates the user's contact information in the system. 
Web page 70 also displays a list 79 of those people on 
the user's private trusted network, along with information 
indicating whether the people listed are on the user's 
inbound 80 or outbound 81 trusted network. List 79 includes 
the name 82 of each person on the user's private trusted 
network. Add button 84 allows the user to add people to his 
private trusted network. List 7 9 is included on many of the 



' Web pages shown below and, therefore, is noted here only. 

Option 68 ("Desired Job") provides server 11 with 
information about a job that the user is seeking, option 68 
displays Web page 85 (Fig. 14) . On Web page 85, box 86 
indicates the position/function that the user is seeking. 

Box 87 indicates the level at which the user wishes to enter 
an organization. Boxes 88 to 90 indicate the user's 
willingness to move and date of move. Box 91 indicates the 
maximum number of miles the user is willing to commute based 
on the user's zip code. Box 92 is reserved for comments 
regarding the type of job desired by the user. Box 93 
indicates the number of years that the user has been in a 
specific industry. Box 94 indicates the type of company at 
which the user wants to work, meaning one in the prefunding 
stage, in the funded stage, in the about to IPO ("Initial 
Public Offering") stage, or in the post IPO stage. Share 
boxes 95 indicate whether the user has authorized server 11 
to make corresponding information available to companies 
(i.e., potential employers) on the system. Share boxes 9 6 
indicate whether the user has authorized server 11 to make 
the information available to those on the user's private 
inbound network. Check boxes 97 and 98 indicate whether the 
user is currently listening for full-time jobs or consulting 
jbbs, respectively. 

Option 69 ("My Background") displays Web page 99 (Fig. 

15) . Web page 99 shows background information regarding the 
user's professional profile, including employment history 
100, education 101, and skills 102. For each company 104, 
employment history 100 includes dates of employ 105, level 
106 (meaning position) , functional area 107, and title 108 
of the user. Education 101 lists schools the user attended, 
among other things, and skills 102, lists the users skills. 
Option 110 allows the user to share the background 
information with those on the user's private inbound 
network. Option 111 allows the user to share the background 
information with companies on the system. 

Hyperlink 112 allows the user to edit their employment 
history. Clicking on hyperlink 112 displays Web page 113 
(Fig. 16) . Web page 113 allows the user to edit the 
information shown, to add an employment record via button 
114, or to add a leave of absence via button 115. Web page 
113 indicates whether the information can be shared with 
those on the user's private inbound network 117 or to 
companies 119 registered with the system. 

To change an employment record via Web page 113, the 
user clicks on a hyperlink, such as 120, that corresponds to 
a company name. This displays Web page 121 (Fig. 17) . Web 
page 121 includes options for changing/entering the company 
name 122, address 123, start date 124, end date 125, primary 
function 126, secondary -function 127, level 128, title 129, 
and comments 130. Options 131 allow the user to select 
whether the info rmation can be shared with those on the 
user's private inbound network or to companies registered 
with the system. Clicking on update button 132 updates this 
information on Web page 113 (Fig., 16). Cancel button 133 
cancels the current action; and delete button 134 deletes 
newly-entered information. 

Clicking on hyperlink 135 (from any of Web pages 99, 



113 or 121) displays Web page 136 (Fig. 18). Web page 136 
allows the user to edit their education history. Add button 
137 allows the user to add additional education information. 

Web page 136 displays educational history information 
which includes the university 140 that the user attended, 
degree awarded 141, major 142, and indications 145 and 146 
as to whether this information can be shared with those on 
the user's private inbound network and/or companies 
10 registered with the system. Clicking add button 137 or on 
on a hyperlink 149 that corresponds to university attended 
displays Web page 150 (Fig. 19) . 

Web page 150 allows the user to edit/add educational 
information, including school name 151, address 152, major 
15 153, degree 154, begin date 155, end date 156, graduation 
information 157, minor 158, honors 159, GPA (grade point 
average) 160, and comments 161. Options 162 allow the user 
to select whether the information can be shared with those 
on the user's private inbound network or to companies 
20 registered with the system. Clicking on update button 164 
updates this information on Web page 136 (Fig. 18) . Cancel 
button 165 cancels the current action. 

Clicking on hyperlink 166 (from any Web page) displays 
Web page 170 (Fig. 20) . Web page 170 allows the user to 
edit their current skills 171. Add button 172 allows users 
to add a new skill; remove button 173 allows users to remove 
an existing skill; and save button 174 allows users to save 
new skill settings, options 175, 176 and 177 provide 
different ways for a user to add a new skill to their 
current skills 171. 

More specifically, option 175 allows users to enter 
skills manually. Option 176 allows users to choose skills 
by category. Clicking on the button corresponding to option 
176 displays Web page 180 (Fig. 21) . Web page 180 allows 
users to select skills from category set 181. Add button 
182 adds skills from category set 181 to selected skills set 
184. Clear button 185 clears a selected skill from selected 
skills set 184 and save button 186 saves a new selected 
skill set. Referring back to Fig. 20, clicking on the 
button that corresponds to option 177 displays Web page 190 
(Fig. 22) Web page 190 allows users to select from an 
alphabetized skill list. The functions of add button 191, 
clear button 192, apd save button 193 are the same as their 
counterparts in Fig. 21. 

Referring back to Fig. 12, menu option 200 includes 
three options: "My Peoplestream Network" 201, "Get 
Connected" 202, and "Message History" 203. 

Clicking on "My Peoplestream Network" 201 displays 
Web page 204 (Fig. 23) . Web page 204 includes a list 205 of 
all those people on the user's private trusted network. The 
people are listed by name 206 and include information 
indicating whether there is an outbound connection 2 07 
between the user to the person listed, and information 
indicating whether there is an inbound connection 208 
between the user and the person listed. People, such as 
person 209, who have no established inbound or outbound 
connection, but who have been invited to join the system by 
10 the user, may also be listed on Web page 204. Other 
information listed for each person includes the user's 
rating of each person's professional competency 210, whether 



the user trusts each person 1 s judgment 211, if a contact has 
been disabled 212 between the user and the person,: 1 and the 
15 last message 213 exchanged between the user and the person 
listed. Information (not shown) may also be provided which 
indicates whether the person listed belongs to the user's 
core network. "Core network" here refers to preferred 
nodes/people in a user's private trusted network with which 
20 the user exchanges information. The core network may be 
specified beforehand and may be uspd to send information 
to/receive information from specific trusted streams. A 
person need not specify a core network. 

Add button 215 on Web page 204 displays Web page 216 
(Fig. 24) . Through Web page 216, the user can enter a 
referral for a person. The one entering the referral should 
have the private ID of the subject of the referral. The 
private ID is obtained from this person, who has sole access 
to the private ID. The referral includes this private ID 
217 and other information, such as the name 218 of the 
subject, a (subjective) professional competency assessment 
219 selected via a pull-down bar 220, an indication 221 of 
whether the user trusts the person's judgment of others, an 
indication 222 of whether the reviewer worked with the 
subject, the duration of time 223 that the reviewer worked 
with the subject, the relationship 224 between the reviewer 
and the subject, an indication 225 of whether the user would 
like to share his profile with the person, a comments 
section 226, and a hyperlink 226 for viewing professional 
information of the person (A-BHAMMAR) As shown, pull-down 
bar 220 lists different degrees of trust in the person's 
professional competency. The user can select from these 
options, which then stores the data in database 20. 

Referring back to Fig. 12, "Get Connected" option 202 
displays Web page 230 (Fig. 25) . Web page 230 allows the 
user to send an e-mail requesting the recipient to register 
with the system. The e-mail includes a message 231 
instructing the recipient as to how to proceed, along with 
the user's private ID 232. This information is needed for 
the recipient to establish connection to the user's trusted 
network . 

"Message History" option 203 allows the user to obtain 
information about messages from 'Web page 240 (Fig. 26), such 
as invitations to join the system, that the user has sent. 

This information includes the identity 241 of the person to 
whom the message was sent, the date 242 that the message was 
sent, and the "type" 243 of the message, e.g., e-mail. 

Clicking on a hyperlink 244 from Web page 240 displays Web 
page 245 (Fig. 27) . Web page 245 displays the content of 
the message, in addition to the information noted above. 

Referring back to Fig., 12, clicking on listening center 
menu 247 gives the user access to listening center options 
provided through server 11. Generally speaking, these 
options allow the user to determine which messages to listen 
for and which contacts to disable. 

Clicking on listening preferences option 248 displays 
Web page 249 (Fig. 28) Generally speaking, listening 
preferences include (i) what information the individual is 
listening for, and (ii) from which level of the network the 
individual is listening for information. There are three 
groups individual users can listen to: (i) private trusted 



network, meaning people to whom the individual has a direct 
link, (ii) stream, meaning people who are indirectly linked 
to the individual (this may be limited to corporate users or 
"hiring managers") , and (iii) the system proprietor, in this 
case, Peoplestream. -com. There are three types of messages 
individual users can listen for. 1 These include information 
from/ about companies, such as press releases and job 
information, Peoplestream.com news and information, and 
personal information from other individual users on the 
network . 

Web page 249 allows the user to select which messages 
to receive. Server 11 routes these messages to users based 
on, their listening preferences provided that the users are 
in the appropriate stream and meet the necessary 
15 requirements. For example, a user may select to listen to 
his private inbound network 250 and/or from his inbound 
streams 251 (including the private inbound network and those 
linked to the user's private inbound network). The user can 
set listening preferences to listen for streamcast messages, 
20 including messages from the user's private inbound network 
253 and press releases 254. The uper can set listening 
preferences to listen for streamsearch messages 255, 
including messages relating to full-time career 
opportunities 256, consulting job career opportunities 257, 
and advice 258. In addition, the user can set listening 
preferences to listen for messages from the system 
administrator, in this case Peoplestream.com. These 
listening preferences include information pertaining to new 
companies 260, companies receiving new funding 2 61, and 
changes in company status 2 62. 

Those messages that the user wants to receive (as set 
in the listening preferences) are routed to the user via e 
mail by virtue of the links among people that define trusted 
network 26. Messages that the user does not want to receive 
are ignored in that they are not routed to the user. 
Referring back to Fig. 12, clicking on disable contact 
option 264 displays Web page 265 (Fig. 2*9) . Web page 265 
allows the user to disable a connection to another person in 
15 the user's private trusted network. As noted above, 
messages are routed based on associations between people on 
the user's network. If a contact (i.e., a person) on that 
network is disabled, this means that the user will no longer 
accept messages routed through that contact. 

The user can specify which contact to disable by 
clicking on Add button 266, which displays Web page 267 
(Fig. 30) . There, the user can enter a private ID 269 
corresponding to a link in the user's private trusted 
network that the user wants to disable. Comments 270 may 
also be entered regarding the link. Web page 273 (Fig. 31) 
can be accessed via hyperlink 272 on Web page 267. There, 
.the user can disable company contacts. For each e-mail, the 
system gives its users the option to disable whoever sent 
the e-mail. 

Referring back to Fig 12, selecting company pipeline & 
research menu 275 provides ways for a user to get 
information about, and evaluate, a company registered with 
server 11. Company Pipeline & Research Menu 275 provides 
the user with options 276 to 278. 

Pipeline option 276 displays a Web page 277 (Fig. 32) 

that lists companies registered with server 11 to which the 
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' user is positively associated (e.g., through links in-the 
user's trusted network) and with which the user has had some 
relationship/activity. Pipeline option 277 provides 
information indicating job openings (levels) 279 at a listed 
company 280 and an area 281 for notes/comments. Clicking on 
hyperlink 282 displays Web page 284 (Fig. 33) . Web page 284 
allows the user to add a new company to the user's pipeline. 

This is done by entering the company in box 286, the 
location 287 of the company, and/or a relevant industry 290. 

Referring back to Fig. 32, clicking on hyperlink 290 
displays Web page 291 (Fig. 34) . Web page 291 displays the 
user's activities with a particular company listed in the 
user's pipeline. These activities may include, for example, 
hiring activities, such as interviews, receipt of an offer 
for employment, rejections, etc. 

Referring back to Fig. 12, streamresearch option 277 
5 displays Web page 300 (Fig. 35) . Web page 300 shows alist 
ofcompanies301 that have job openings 302, that the user 
is positively associated to, and that belong to the user's 
trustedref erral network. Messages may be sent to the 
hiring manager (s) of thesecompanies . For example, by 
10 clicking on "Send Profile" button 304, users can send their 
information, such as that shown in -Web page 99 (Fig. 15), to 
one or morecompaniesselected in boxes 305. 

Referring back to Fig. 12, discovery option 278 
displays a Web page 307 (Fig. 36) that includes a list 308a 
15 of companies registered with server 11 with a brief 
description of each. Clicking on a hyperlink 309a that 
corresponds to a name of a company provides additional 
information about the company (Fig. 37) . Discovery page 307 
includes: "Company ., S 1 earch" 308 and "Job Search" 309. 

Clicking on "Company Search" link 308 displays Web page 
310 (Fig. 38) . From there, the user can search for 
companies registered with the system as noted above. 

Clicking on "Job Search" link 309 displays Web page 312 
(Fig. 39) . Web page 312 lists companies 313 that have job 
openings 314 that correspond to the information input by the 
user in Web page 85 (Fig. 14) . More specifically, as shown 
in Fig. 14, the user input "software engineer" as a desired 
job in Web page 85. Web page 32 therefore displays 
5 companies 313 registered with the system that have jobs 316 
that correspond to the user's initial search criteria (in 
this case, "software engineer"). 

As noted above, Fig. 37 (Web page 320) displays 
information for companies listed on Web page 307 (Fig. 36) 
10 The information is shown in the figure; however additional 
information may be displayed if desired. Web page 320 also 
displays two buttons: backstream and genealogy. Referring 
to Fig. 40, genealogy 321 displays company history and 
associations with respect to employees 322, founders 323, 
15 key hires 324 investors 325, board members 326, competitors 
and/or targets (these last two options are available for 
corporate users only) . Backstream 327 allows users to 
determine if there is a trusted connection from the user 
back to a company via the user's trusted network. Clicking 
20 on Backstream button 327 displays Web page 330 (Fig. 41) . 



Web page 330 allows the user- to determine if there is a 
backstream to employees 331, founders 332, key hires 333, 
investors 334, and/or board members 335 of company 309. The 
position of each person within the company is stored in 
database 20 with server 11. The user can send their profile 
to company 309 via "Send Profile" button 340. 

Referring back to Fig. 12, "Streamsearch & Streamcast 
Tools" option 341 provides options for issuing queries 
through the system to search for people to fill a position 
and/or to search for advice. In this embodiment, 
"Streamsearch & Streamcast Tools" option 341 is used by 
hiring managers (corporate users) only; however, the 
invention is not limited as such. Streamsearch option 342 
displays Web page 344 (Fig. 42) . Web page 344 includes 
options for entering a job description ("Job (Full Time)" 
hyperlink 345) , for entering a consulting services 
description ("Consulting Services" hyperlink 346), and for 
entering an advice description ("Advice" hyperlink 347). 

Clicking on hyperlink 345 displays Web page 350 (Fig, 

43) Web page 350 shows (in this case, the hiring manager) 

current job descriptions in the system. A job description 
includes job title 351 (e.g., Internet Engineer) and 
functional area 352, — (e.g., Software Engineering). 

Information is also provided which indicates when the job 
description was modified 353, by whom it was modified 354, 
and whether the job is currently open 355. Clicking on Add 
button 356 allows the user to enter a new job description 
into the system via Web page 358 (Fig. 44) . Web page 358 
may also be displayed to edit an existing job description by 
clicking on a hyperlink (e.g., 359) that corresponds to the 
job description. As shown, Web page 358 allows the user to 
edit/add a description of the job 360 and candidate 
5 requirements 361. 

Web page 350 also keeps track of queries (also called 
llstreamsearches" ) 365 that have been run, when they were 
last run 366, by whom such queries were last modified 367, 
and the results 368 of the queries. 

Clicking on add button 369 displays Web page 370 (Fig. 

45) Web page 370 allows the user to set up a streamsearch 
through database 20 and/or trusted network 26 or any 
subnetwork thereof for the information specified in Web page 
370. For example, the user can define a streamsearch (i.e., 
15 "query") to search for a candidate for a position. In Web 
page 370, the user specifies a start person 371 (meaning a 
person in the user's private trusted network in which to 
start the query), the job 372 to be filled, the name 373 of 
the streamsearch, and how often (scheduling 374) the 
20 streamsearch is to be run. 

The user may also specify filters for the search. 

These filters, which operate in engine 24, match candidates 
based on specified criteria. For example, "match required 
skills, , option 375 requires that the skills of the candidate 
(on Web page 99 of Fig. 15) match one or more of those of 
the job description (Web page 358 of Fig. 44) . Options are 
also provided for including candidates that have already 
been contacted by the system 376 and for including 
candidates that have previously been excluded 377. 
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Ratings filter 380 excludes candidates based on ratings 
for the candidates. These ratings are determined based on 
the degree of trust in a person's professional competency 
(option 219 of Web page 216 in Fig. 24) . The rating of a 
person may be determined by processing, e.g., averaging, the 
degrees of trust input by all people on the global network 
of the system. This is called the "global rating". 

Alternatively, the rating may be determined by processing, 
e.g., averaging, the degree of trust input by only people on 
the user's trusted network. This is called the "local 
rating". Either rating determination method may be used.' 

The system searches through the trusted stream starting 
with start person 371 based on the rating specified in 
filter 380. That is-,-@the system looks for referrals through 
the trusted to those people who have a rating the same as, 
or higher than, the rating input in 380. 
Results Web page 390 (Fig. 46) displays the results of 
the streamsearch input on Web page 37 0. The information 
returned includes the rating 391 of each candidate, the 
current title 392 of the candidate, the number of years of 
experience 393 that the candidate has, and the candidate 1 s 
prior companies 394. A check box 395 is also provided to 
indicate whether the candidate will be contacted. 

Figs 47 and 49 1 show Web pages 400 and 401 that 
correspond to Web page 350. Web pages 400 and 401 relate to 
obtaining candidates for consulting jobs and advice on a 
selected topic via the system. The actions performed with 
respect to Web pages 400 and 401 are analogous to those 
10 performed with respect to Web page 350. 

Referring back to Fig. 12, "SCreamcast" option 410 
displays Web page 411 (Fig. 49) . Web page 411 displays 
messages to be streamcast over one or more of the user's 
trusted streams. Clicking on hyperlink 412 displays Web 
15 page 413 (Fig. 50), which show the contents of the message 
streamcast by the user. 1 In this example, the message is a 
press release; however, other messages may be streamcast, 
such as the targeted advertising described above. No 
content for the press release is shown in Fig. 50. 

Referring back to Fig. 12, clicking on "Candidate 
Pipeline" option 420 displays Web page 421 (Fig. 51) . Web 
page 421 displays a list of candidates (e.g., potential 
hires) who have responded to queries from the user (in this 
case, the hiring manager) Clicking on hyperlink 422 
displays Web page 423 (Fig. 52) . Web page 423 displays 
history information for candidates specified in Web page 
421. In particular, Web page 423 displays information in 
notes section 424 indicating activity between the candidate 
and a company represented by the user. 

Figs. 10 to 52 show only one-representative embodiment 

of the invention. The invention, however, is not limited to 

the embodiment shown. Moreover, the invention is not 

limited to use with the particular hardware/software 

10 configuration of Fig. 5; it may find applicability in any 

computing or processing environment. The invention may be 

implemented in computer programs executing on programmable 

computers that each includes a processor, a storage medium 

readable by the processor (including volatile and non 

15 volatile memory and/or storage elements), at least one input 



device, and one or more output devices. Program code may be 
applied to data entered using an input device to perform the 
processes-described above and/or to generate output 
information, such as-Web pages, for display. 

Each such program may be implemented in a high level 
procedural or object-oriented prog@7amming language to 
communicate with a computer system. However, the programs 
can be implemented in assembly or machine language. The 
language may be a compiled or an interpreted language. 

Each computer program may be stored on a storage medium or 
device (e.g., CD-ROM, hard disk, or magnetic diskette) that 
is readable by a general or special purpose programmable 
computer for configuring and operating the computer when the 
storage medium or device is read by the computer to perform 
the processes described above. The invention may also be 
implemented as a computer-readable storage medium, 
configured with a computer program, where, upon execution, 
instructions in the computer program cause the computer to 
operate in accordance with the processes and the Web pages 
described above. 

Other embodiments not described herein are also within 
the scope of the following claims. 

Claim 

A method comprising: 

obtaining trusted referrals from people; 

linking at least some of the people based on the 

trusted referrals to create a trusted network on a computer; 

and 

using information on the trusted network. 

2 The method of claiml . wherein obtaining comprises 
receiving the referrals in response to requests. 

3 The method of claiml , wherein linking comprises 
storing relationships between at least some of the people 
that define at least a portion of the trusted network. 

4 The method of claiml , wherein: 

each person on the' trusted network comprises a node of 
the trusted network; and 

the method further comprises storing information in 
association with nodi@!s of the trusted network. 

5 The method of claim 4, wherein the information 

relates to a person corresponding to a node of the trusted 
network . 

. The method of claim 5, wherein the information 

comprises an assessment relating to competency of the person 

corresponding to the node. 

7 The method -of claiml , wherein using the 
information comprises sending an 'electronic mail (e-mail) 
message to one or more of the people on the trusted network. 

8 The method of claim 7, wherein the e-mail message 

is delivered to the one or more people based on settings for 
the one or more people and based on links in the trusted 
network. 

9 The method of claim 8, wherein the settings 
comprise listening preferences that define which e-mail 
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messages a person on the -trusted network wants to receive. 



10 The method of claim 7, wherein: 

the trusted referrals relate to products and/or 

services for sale; and 

the e-mail message includes advertising that is 

targeted to the one or more people and that relates to the 

products and/or services for sale. 

. The message of claiml , wherein the information 

comprises a referral relating to a person, place or thing. 

12 The method of claiml , wherein using the 

5 information comprises a buyer and a seller on the trusted 
network exchanging information relating to products and/or 
services for sale over the trusted network. 

13 The method of claiml , wherein the information 
comprises customer referrals for goods and/or services. 

14 The method of claiml , further comprising 
obtaining data about a person on the trusted network of 
people; 

wherein using the information comprises matching the 
person to a position based on the data about the person. 

15 The method of claim 14, wherein the data comprises 
background informati-on for the person and a desired 
position. 

16 The method of claim 15, wherein the background 
information comprises a personal profile that includes one 
or more of educational history, employment history, and 
skills of the person. 

17 The method of claiml , wherein the trusted 
referrals comprise trust in judgment and/or trust in 
professional competency/skills. 

18 The method of claiml , wherein: 

at least one of the trusted referrals includes 

information relating to a degree of trust; and 

using the information comprises obtaining information 

relating to one or more of the people via the trusted 

network based on the degree of trust. 

15' 19. The method of claim 18, further comprising 

obtaining a rating of trust for a person on the trusted 

network based on the degree of trust; 

wherein obtaining the information comprises obtaining 

the information relating to the person only if the rating of 

trust for the person is greater than a predetermined rating. 

20 The method of claim 19, wherein the rating is 

obtained based on information about the person that has been 

provided by people on the trusted network. 

. The method of claim 19, wherein the rating is 

obtained based on information about the person that has been 

provided by people on the trusted network and other people 

that are not on the trusted network. 

22 The method of claim 18, wherein the degree of 

trust comprises an assessment of the professional competency 

of a person who is the subject of the at least one trusted 

referral. 



23 A method comprising: 

obtaining a referral via a computer-generated network 

of people who are linked to one another based on trust; and 

using the referral in a selection process. 

24 The method of claim 23, wherein the selection 
process comprises screening based on the referral. 

25 The method of claim 23, wherein screening 
comprises screening potential candidates for a position. 

1 

26 The method of claim 23, wherein screening 
comprises screening potential products for purchase/use. 
. The method of claim 23, wherein screening 
comprises screening potential positions. 

28 The method of claim 23, wherein screening 
comprises screening potential investments. 

29 The method of claim 23, wherein screening 
comprises screening potential services for purchase. 

30 A method comprising: 

receiving information regarding types of messages that 
can be received via a trusted network of people; 
receiving a message via the trusted network of people; 
screening the message based on the information; and 
delivering the message if the message comports with the 
information. 

31 The method-, of claim 30, wherein the information 

20 regarding types of messages that can be received comprises 
listening preferences which are prqvided via a computergenerated 
graphical user interface. 

. The method of claim 31, wherein the types of 
messages are defined based on one or more of the following: 
a specific level on the trusted network, specific people on 
the trusted network, and/or specific streams on the trusted 
5 network. 

33 The method of claim 31, wherein the types of 
messages are defined by a subject matter of the message. 

34 A computer program stored on a computer-readable 
medium, the computer program comprising executable 
instructions that cause a computer to: 

obtain trusted referrals from people; 

link at least some of the people based on the trusted 

15 referrals to create a trusted network on a computer; and 

use information on the trusted network. 

35 The computer program of claim 34, wherein 

obtaining comprises .., -receiving the referrals in response to 
2 0 requests. 

36 The computer program of claim 34, wherein linking 
comprises storing relationships between at least some of the 
people that define at least a portion of the trusted 
network. 

37 The computer program of claim 34, wherein: 

each person on the trusted network comprises a node of 
the trusted network; and 

the computer program further comprises instructions to 
store information in association with nodes of the trusted 



network. 

38 The computer program of claim 37, wherein the 
information relates to a person corresponding to a node of 
the trusted network. 



39 The computer program of claim 38, wherein the 
information comprises an 1 assessment relating to competency 
of the person corresponding to the node. 

40 The comput-er program of claim 34, wherein using 

20 the information comprises sending an electronic mail (e 
mail) message to one or more of the people on the trusted 
network. . The computer program of claim 40, wherein the e 
mail message is delivered to the one or more people based on 
settings for the one or more people and based on links in 
the trusted network. 



42 The computer program of claim 41, wherein the 
settings comprise listening preferences that define which e 
mail messages a person on the trusted network wants to 
receive . 



43 The computer program of claim 40, wherein: 
the trusted referrals relate to products and/or 
services for sale; and 

the e-mail message includes advertising that is 

targeted to the one or more people and that relates to the 

products and/or services-for sale. 

44 The message of claim 34, wherein the information 
comprises a ref erral- .- 1 relating to a person, place or thing. 

45 The computer program of plaim 34, wherein using 
the information comprises a buyer and a seller on the 
trusted network exchanging information relating to products 
and/or services for sale over the trusted network. 

. The computer program of claim 34, wherein the 
information comprises customer referrals for goods and/or 
services . 



47 The computer program of claim 34, further 

comprising instructions to obtain data about 1 a person on the 
trusted network of people; 

wherein using the information comprises matching the 
person to a position based on the data about the person. 

48 The computer program of claim 47, wherein the data 
comprises background information for the person and a 
desired position. 

49 The computer program of claim 48, wherein the 
background information comprises a personal profile that 
includes one or more of educational history, employment 
history, and skills .,. -Oif the person. 

50 The computer program of plaim 34, wherein the 

trusted referrals comprise trust in judgment and/or trust in 

professional competency/skills. 

. The computer program of claim 34, wherein: 

at least one of the trusted referrals includes 

information relating to a degree of trust; and 

using the information comprises obtaining information 

relating to one or-more of the people via the trusted 

network based on the degree of trust. 



52 The computer program of claim 51, further 



comprising instructions to obtain a rating of trust for a 
person on the trusted network based on the degree of trust; 
wherein obtaining the information comprises obtaining 
the information relating to the person only if the rating of 
trust for the person is greater than a predetermined rating. 

53 The computer program of claim 52, wherein the 

rating is obtained based. -on information about the person 
that has been provided by people on the trusted network. 

54 The computer program of claim 52, wherein the 
rating is obtained based on information about the person 
that has been provided by people on the trusted network and 
I 

other people that are not on the trusted network. 

. The computer program of claim 51, wherein the 

degree of trust comprises an assessment of the professional 

competency of a person who is the subject of the at least 

one trusted referral. 

56 A computer program stored on a computer-readable 
medium, the computer program comprising executable 
instructions that cause a computer to: 

receive information regarding types of messages that 
10 can be received via a trusted network of people; 
receive a message via the trusted network of people; 
screen the message based on the information; and 
deliver the message if the message comports with the 
information. 

57 The computer program of claim 56, wherein the 
information regarding types of messages that can be received 
comprises listening preferences which are provided via a 
computer-qenerated 

[raphical user interface. 

58 The computer program of claim 57, wherein the 

types of messages are defined based on one or more of the 
following: a specific level on the trusted network, specific 
people on the trusted network, and/or specific streams on 
the trusted network. 

59 The computer program of claim 57, wherein the 

types of messages are defined by a subject matter of the 
message . 

60 An apparatus comprising 

a memory which stores executable instructions; and 
a processor which executes the instructions to: 
obtain trusted referrals from people; 
link at least some of the people based on the 
trusted referrals to create a trusted network in 
memory; and 

use information on the trusted network. 

61 The apparatus of claim 60, wherein obtaining 
comprises receivipg the referrals in response to requests. 

62 The apparatus of claim 60, wherein linking 

comprises storing relationships between at least some of the 
people that define at least a portion of the trusted 
network. 

. The apparatus of claim 60, wherein: 

each person on the trusted network comprises a node of 
the trusted network; and 

the apparatus further executes instructions to store 
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information in association with nodes of the trusted 
network. 

64 The apparatus of claim 63, wherein the information 
relates to a person corresponding to a node of the trusted 
network . 

65 The apparatus of claim 64, wherein the information 
comprises an assessment relating to competency of the person 
corresponding to the node. 

66 The apparatus of claim 60, wherein using the 
information comprises sending an electronic mail (e-mail) 
message to one or more of the people on the trusted network. 

67 The apparatus of claim 66, wherein the e-mail 
message is delivered to the one or, more people based on 
settings for the one or more people and based on links in 
the trusted network. 

. The apparatus of claim 67, wherein the settings 
comprise listening preferences that define which e-mail 
messages a person on the trusted network wants to receive. 

69 The apparatus of claim 66, wherein: 

the trusted referrals relate' to products and/or 
services for sale; and 

the e-mail message includes advertising that is 

targeted to the one or more people and that relates to the 

products and/or services for sale. 

70 The message of claim 60, wherein the information 
comprises a referral relating to a person, place or thing. 

71 The apparatus of claim 60, wherein using the 
information comprises a buyer and a seller on the trusted 
network exchanging information relating to products and/or 
services for sale over the trusted network. 

72 The apparatus of claim 60, wherein the information 
comprises customer referrals for g9ods and/or services. 
. The apparatus of claim 60, further comprising 
instructions to obtain data about a person on the trusted 
network of people; 

wherein using the information comprises matching the 
person to a position based on the data about the person. 

74 The apparatus of claim 73, wherein the data 
comprises background information for the person and a 
desired position. 

75 The apparatus of claim 74, wherein the background 
information comprises a personal profile that includes one 
or more of educational history, employment history, and 
skills of the person. 

76 The apparatus of claim 60, wherein the trusted 
referrals comprise trust in judgment and/or trust in 
professional competency/skills. 

77 The apparatus of claim 60, wherein: 

at least one of the trusted referrals includes 
information relating to a degree of trust; and 
using the information comprises obtaining information 
relating to one or more of the people via the trusted 
network based on the degree of trust. 



78 The apparatus of claim 77, further comprising 
instructions to obtain a rating of trust for a person on the 
trusted network based on the degree of trust; 

wherein obtaining the information comprises obtaining 

the information relating to the person only if the rating of 

10 trust for the person is greater than a predetermined rating. 

79 The apparatus of claim 78, wherein the rating is 
obtained based on information about the person that has been 
provided by people on the trusted network. 

80 The apparatus of claim 78, wherein the rating is 
obtained based on information about the person that has been 
provided by people on the trusted network and other people 
that are not on the trusted network. 

81 The apparatus of claim 77, wherein the degree of 

trust comprises an assessment of the professional competency 
of a person who is the subject of the at least one trusted 
referral . 

. An apparatus comprising: 

a memory which stores executable instructions; and 
a processor which executes the instructions to: 
receive information regarding types of messages 
that can be received via a trusted network of people; 
receive a message via the trusted network of 
people; 

screen the message based on the information; and 
deliver the message if the message comports with 
the information. 

83 The apparatus of claim 82, wherein the information 
regarding types of messages that can be received comprises 

15 listening preferences which are provided via a computergenerated 
graphical user-interface. 

84 The apparatus of claim 83, wherein the types of 
messages are defined- "Abased on one or more of the following: 
a specific level on the trusted network, specific people on 
the trusted network, and/or specific streams on the trusted 
network . 

. The apparatus of claim 84, wherein the types of 
messages are defined by a subject matter of the message. 
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New OCSP protocol, certificate validation engine provides the solution 
Business-to-business Internet trade is projected to rocket to $1 .3 
trillion by 2003, according to Forrester Research (FORR) and that 1 s just in 
the United States. Whether or not this projection comes true, or is 
dramatically exceeded, depends largely on whether companies trust the 
Internet for high-value transactions, such as signing million-dollar 
contracts over the Internet. 

The Internet's trustworthiness, in turn, depends largely on trading 
partners 1 ability to conclusively identify one another online. Ultimately, 
trading partners must also be able to manage any risk that their 
counterparts may be impostors, unauthorized agents or e-commerce Web sites 
being spoofed. 

Public key infrastructure (PKI) technology goes a long way toward 
providing identity certainty. Through the power of cryptography, PKI can: 

* identify trading partners and employees, 

* ensure communications haven't changed in transit; and 

* prove after the fact that the communication actually took place. 

A problem, however, has always existed in PKIs: It is difficult to be 
certain the digital certificates individuals and machines use to identify 
themselves are valid at the very instant a transaction occurs. Digital 
certificates often live longer than the privileges they stand for. If an 
impostor or recently fired employee uses an "old, " revoked digital 
certificate to forge a business deal, millions of dollars could be at risk. 

With apologies to the famous New Yorker cartoon, it's important for a 
business on the Internet to know if its trading partner is a dog. Today, 
there's just no way to know for sure. 

Intimately familiar with this certificate revocation problem, the 
e-commerce security industry is offering a new standard for realtime (and 
low-overhead) certificate validation called OCSP, or Online Certificate 
Status Protocol. The Internet Engineering Task Force (IETF), based in 
Adelaide, Australia, recently approved OCSP as an RFC (or formal document) 
on track to become an official Internet standard. Properly implemented, 
OCSP can bring new levels of trust to businessto-business Internet commerce 
transactions and dominate the certificate validation marketplace. 

E-commerce leaders such as Identrus, the organization formed by 
world-class financial institutions, are utilizing this standard to deploy a 
global trust infrastructure for business-to-business ecommerce. Identrus 
member banks include ABN AMRO, Bank of America (BAC) , Barclays Bank, Chase 
Manhattan (CMB) and Citigroup (C) . 

"OCSP is a key component of Identrus' risk management strategy as our 
member financial institutions deploy business-to-business Internet commerce 
trust services around the globe," says Kristin Kupres, Identrus 1 chief 
operating and technology officer. 

"Real-time validation capability within and across public key 
infrastructures is critical for businesses that intend to engage in 
high-value e-business transactions via the Internet, " says Diana Kelley, 
senior security analyst at the Framingham, Mass. -based Hurwitz Group. "OCSP 
support and multi-vendor interoperability are features that the market 
should demand. " 

The National Automated Clearing House Association, or NACHA, has 



successfully trialed OCSP with financial institutions and technology 
partners . 

What's wrong with the traditional way 

OCSP is a candidate to displace, or at least supplement, certificate 
revocationlist (CRL) processing, the traditional, prevailing method of 
investigating digital certificate status. In this approach, thetrusted 
entitiesthat issue digital certificates, called certification authorities 
(CAs), generate and publish lists of revoked certificates called 
certificate revocation lists (CRLs) . The user or e-business application is 
relying on the validity of a certificate fetches the CRL to see if the 
certificate is listed as revoked. 

This approach takes a lot of time, consumes significant processing 
power, and is prone to error, according to OCSP proponents. Specifically: 

* The CRL might not be available because the CA that publishes it 
might not make its CRL widely available to anyone who wants to see it. 

* The CRL might be outdated. It isn't feasible for CAs to generate, 
or relying parties to fetch, new lists every second. 

* The trading partner or e-business application might not know how to 
find the CRL. 

* Particularly for a very active CA, the CRL might grow large too 
quickly to deliver accurate information to all interested parties. 

* The CA that issued the digital certificate in the first place might 
no longer be trusted and have had its privileges revoked, casting doubt on 
a certificate's integrity. 

In any of these cases, the recipient can't validate a certificate. If 
the relying party is not an automated server, but is instead an individual 
- for instance, one of several representatives in a call center - then 
these CRL distribution problems are magnified: The CRL must be copied to 
all the possible recipient desktops. Processing and searching these lists 
can be time-consuming and complicated for the user or e-business 
application, making the undertaking fraught with potential error. The CRL 
retrieval process also can devour storage capacity, desktop memory and 
bandwidth throughout a network. 

Even if these problems didn't exist, there are two additional 
problems CRLs cannot solve: 

* Without special processing, relying parties can't prove they 
properly checked the most recently available CRL at that instant. In other 
words, there is no guarantee that the relying party performed its due 
diligence. 

* Just by looking at a CRL, a relying party can't tell if the 
certificate he/she received was indeed a properly issued certificate (as 
opposed to a "fake" certificate, or one shoddily prepared by latenight 
hackers) . 

OCSP provides real-time, low-overhead certificate validation 
OCSP addresses all of these concerns. It provides the basis for 
certificate validation engines that report certificate status in real time, 
lighten client-processing loads, simplify end-user searches, and eliminate 
the need to configure multiple clients to multiple certification 
authorities . 

Under the OCSP protocol, relying parties send specific information 
about the certificates they receive to a validation engine called an OCSP 
responder, rather than processing a CRL. The OCSP responder contains all 
the information in relevant CRLs, since it has processed the lists itself. 
Then the OCSP responder returns to relying parties a reply that indicates - 
definitively - whether or not the certificate is still valid. 

The OCSP responder digitally signs these replies, as well as the 
queries, enabling relying parties to prove they carried out their due 
diligence. 

OCSP brings a host of additional benefits. The relying party can send 
a set of bytes called a nonce that the OCSP responder includes in its 
reply. This process allows a relying party, such as a Web server, to tie a 
particular OCSP request/reply to a particular transaction. This process 
also provides further auditable proof that the relying party acted properly 
(i.e., performed its due diligence) when deciding whether or not to 
authorize a particular transaction. Also, OCSP consumes less network 



bandwidth than CRL processing, since it involves transmitting information 
about the status of a single certificate, not thousands of revoked ones. 
And OCSP is more immediate: Administrators can perform instant, "fast-path" 
revocations of digital certificate privileges manually, providing real-time 
status before the next CRL the trusted entity issues is processed. 

OCSP allows flexible configurations to meet companies' needs 

In its simplest deployment, OCSP allows an enterprise to consolidate 
its status-checking with a centralized server in the same way that many 
departments centralize mail and print servers. In this model, PC users, Web 
servers and others servers would point to the same OCSP responder even 
though they are handling digital certificates in different ways. 

As an organization interacts with more trading partners, it will need 
to validate certificates issued by multiple certificate authorities. Rather 
than continuously fetching CRLs from a multitude of CAs - which is 
unfeasible - OCSP lets the organization configure multiple CAs to a single 
OCSP responder. Likewise, for global companies and global PKIs, trading 
partners might come from two entirely separate PKIs. In this case, 
companies can deploy peer OCSP responders . 

These alternatives make it easy - and in fact possible - for users 
and applications to know a trading partner 1 s certificate is valid as they 
enter a transaction. For truly global organizations, or when the value 
(financial, political or otherwise) of transactions is very large, trading 
partners might need to go one step further. In addition to validating one 
another's digital certificates, they can validate one another's OCSP 
responders to ensure that neither has been compromised. In this situation, 
the businesses can agree to deploy a PKI that provides a tree of OCSP 
responders . 

A root responder, run on behalf of all the participants, can sit at 
the top of this trust hierarchy and verify the validity of each trading 
partner's responder to all other participants. An initial deployment of 
such a PKI might set up only the interconnections and "trustpaths" 
between the various top-levelbusinesses and the root. If that's the 
case, a user would need to perform the OCSP query manually, which would 
entail a few mouse clicks. 

As the parties develop consistent business practices or system rules, 
these checks can be made automatic and built into the processing of each 
OCSP responder, alleviating the client of all complicated processing. 

With any or all of these OCSP mechanisms in place, trading partners 
will be at far less risk than if they accept digital certificates at face 
value. Companies will be safer than if they have their users and 
applications continuously fetching CRLs. They will have performed their due 
diligence in a fraction of the time while consuming fewer network and 
computing resources. Plus, they will know for certain that a given digital 
certificate was valid at the instant a transaction took place. 

This level of security is a giant step toward a thriving 
business-to-business Internet commerce infrastructure that finally enables 
auto makers to carry out million-dollar purchases on the Internet. Both 
sides can know that their counterparts are who they say they are, and are 
still agents of their companies in good standing, or not. And on the 
Internet, dogs will be revealed as dogs, and businessto-business commerce 
can thrive. 

Rich Salz, salzr@certco.com, is a consulting engineer at CertCo., a 
provider of software and hardware to secure high value business-to-business 
Internet commerce. Salz was the principal designer for CertValidator, the 
company's digital certificate repository and OCSP responder. 
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